trusty-review
Fast local PR-review service — LLM-backed code review with search and analysis context.
trusty-review fetches GitHub PR diffs, retrieves code context from
trusty-search, queries trusty-analyze for
complexity data, then calls an LLM (AWS Bedrock by default) to produce a structured
review verdict with actionable findings.
It ships as:
- a one-shot CLI (
run/comparesubcommands) - a long-lived HTTP webhook server (
servesubcommand, port 7880) - a JSON-RPC 2.0 / MCP stdio service (
serve --stdio) for Claude Code integration
Install
This installs the trusty-review binary.
Prerequisites
Two sidecar daemons must be running for full context retrieval:
- trusty-search on
:7878— code-context hybrid search - trusty-analyze on
:7879— complexity and quality metrics (optional)
&&
&&
Quick start — one-shot review
# Review a GitHub PR (Bedrock credentials required)
# Review a local unified diff
# Override the reviewer model
# Compare models
HTTP server
# Start the HTTP daemon on port 7880
# Custom port / bind address
Endpoints:
| Method | Path | Description |
|---|---|---|
| GET | /health |
Liveness + dependency status |
| GET | /status |
In-flight count + last error |
| POST | /review |
Synchronous on-demand review |
| POST | /pr/github/webhook |
GitHub PR webhook (HMAC-validated) |
MCP stdio service (Claude Code integration)
# Start the MCP stdio server
Wire into Claude Code via .mcp.json:
MCP tools
| Tool | Description |
|---|---|
review_pr |
Review a GitHub PR by owner/repo/number |
review_diff |
Review a raw unified diff string |
review_health |
Probe service liveness and configuration |
review_pr
Returns a ReviewResult JSON object (verdict, findings, token counts, cost estimate).
review_diff
review_health
Returns { "status": "ok", "version": "...", "dry_run": true, "reviewer_model": "...", "deps": {...} }.
Environment variables
| Variable | Default | Purpose |
|---|---|---|
PR_INTELLIGENCE_DRY_RUN |
true |
When true, no GitHub comments are posted |
TRUSTY_SEARCH_URL |
http://127.0.0.1:7878 |
trusty-search daemon URL |
PR_INTELLIGENCE_ANALYZER_URL |
http://127.0.0.1:7879 |
trusty-analyze daemon URL |
GITHUB_TOKEN |
— | GitHub personal access token for review_pr |
AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY |
— | AWS credentials for Bedrock |
OPENROUTER_API_KEY |
— | OpenRouter API key (when using OpenRouter provider) |
RUST_LOG |
warn |
Tracing filter (logs to stderr) |
AWS credentials can also be supplied via ~/.aws/credentials, IAM roles, or SSO.
The full AWS credential chain is supported.
Reviewer model
The default reviewer model is us.anthropic.claude-sonnet-4-6 on AWS Bedrock.
Override via:
- CLI flag:
--reviewer-model bedrock/us.anthropic.claude-haiku-4-5 - Env var:
PR_INTELLIGENCE_REVIEWER_MODEL=bedrock/us.anthropic.claude-haiku-4-5 - Config file:
$XDG_CONFIG_HOME/trusty-review/config.toml
Provider prefix convention:
bedrock/<id>— AWS Bedrock Converse API (no API key needed, uses AWS credential chain)openrouter/<id>— OpenRouter (requiresOPENROUTER_API_KEY)- Bare id — uses the configured default provider
Cargo features
| Feature | Default | Description |
|---|---|---|
http-server |
yes | Axum HTTP daemon (serve subcommand without --stdio) |
mcp |
yes | MCP stdio JSON-RPC service (serve --stdio) |
License
Elastic License 2.0 — see LICENSE.